Overview
Scorebuddy allows users to log in to the system using their Single-Sign-on login. You can achieve this by using Microsoft Azure within Active Directory or OKTA methods. This article aims to provide detailed steps on how to set up the Secure Single Sign-on using Okta.
This configuration is done by the customer in the Okta Production Org, and before you begin the configuration, we recommend that you review the considerations below.
Prerequisites
To perform this system guide, the person executing must have at least the next knowledge and access rights.
You will need to configure the endpoint and a bearer token, which Okta will automatically create.
Access
System Admin rights in Okta
Global Admin Access permission in Scorebuddy
Skills, knowledge
Basic knowledge in SSO using Okta’s Application
The following steps walk you through how to enable automatic provisioning of users and groups from Okta to Scorebuddy SSO.
Step 1: Enable Provisioning in Scorebuddy
Step 2: Create Okta Application OpenID connect (EndPoint setup)
Step 3: Client Credentials & Security Tokens
Step 4: Assignments
Step 1: Enable Provisioning in Scorebuddy
In this first step, you will need to log in to the Scorebuddy application.
1.1 Within the Scorebuddy, navigate to the "Admin" tab
1.2 Within the Admin tab, click on the "Security" option
1.3 Within the "Security" page, click on "Single Sign On" on the left-hand-side
The SSO page will be displayed. Use the roll-bar on the right-hand-side to scroll down to get the option for Okta.
1.4 Turn ON the Okta SSO to enable access
1.5 You will need to add the "Login redirect URLs" to your Okta applications settings
Step 2: Create Okta Application OpenID connect
In this second step, you will need to log in to the Okta application.
Note: Please note that the representation might be slightly different depending on the version you are on.
2.1 Open the Okta's console, choose "Applications" in the left navigation pane
2.2 Under the Applications, choose "Applications" This immediately enables the Applications pane
2.3 Within the Applications page, click "Create New App."
2.4 Choose "Web" from the Platform dropdown
2.5 Select "OpenID Connect" from the "Sign on method" options
2.6 You may name the App within the "Application Name" field
Note: Now, you will need to enter the EndPoints from Scorebuddy as described in step 1.5. From this point, we recommend you have both applications, Okta and Scorebuddy, side-by-side.
2.7 Within the "Login redirect URIs" field, place the link copied from Scorebuddy Login redirect URIs field
2.8 Within the "Logout redirect URIs" field, place the link copied from Scorebuddy Login redirect URIs field (change the file name to be logout as per the screenshot below)
2.9 Click "Save" to continue
Step 3: Client Credentials & Security Tokens
After saving the URIs, you will be prompt with the Client Credentials page.
3.1 Copy the "Client ID" from Okta's Client Credentials, and place it in the "Client ID" within the SSO page in your Scorebuddy
3.2 Copy the "Client Secret" from Okta's Client Credentials, and place it in the "Client Secret" within the SSO page in the Scorebuddy
3.3 Copy the "Okta domain" from Okta's General Settings, and place it in the "Okta Url" within the SSO page in the Scorebuddy
Step 4: Assignments
In this last step, you will need to assign your users and groups. All Okta users that you assign here will be synchronized automatically to SSO.
4.1 Within the Okta SSO app page, select the "Assigments" tab
4.2 On the "Assignments" page, select "Assign," then choose Assign Groups or People
4.3 Go back to the Scorebuddy Admin \ Security \ SSO
4.4 Enable the Provisioning authentication by checking the box demonstrated in the picture below.
4.4.1 If you don't select this option, you are giving a login option to access Scorebuddy via its password or by Okta
4.5 After enabling the authentication, the users will only be able to log in via the SSO.